I keep getting the following event log descriptions for "svcListener" and "svcListener - Prof" in my Event log. Does anyone know where this comes from and how I can fix this?
svcListener
The description for Event ID ( 0 ) in Source ( svcListener ) cannot be found.
The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer.
You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.
The following information is part of the event: Cannot perform this operation on a closed dataset.
svcListener - Prof
The description for Event ID ( 0 ) in Source ( svcListener- Prof ) cannot be found.
The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer.
You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.
The following information is part of the event: Exception in Oracle Connection- 12560 EOracleEr
It looks like svcListener and svcListener-Prof are trying to write to the event log using an Event Source that does not exist. (or they do not have permissions to create it)
In code, you would do something like this before writing to the event log:
if(!EventLog.SourceExists("myService")){EventLog.CreateEventSource("myService","Application");}
And you would make sure that the first time "svcListener" ran, it had the permissions necessary to create the Event Source.
To fix it, you can create the source yourself. Just write a short program to do it, like the above, and run it just once from an Admin account.
Related
I have a C# Outlook add-in that is using the Redemption library.
This add-in, among other things, copy the selected mail to a share somewhere on the network.
It usually works pretty well but sometimes, the .msg file on the share seems to be corrupted. It cannot be read by the service that tries to process it. Double clicking on it shows this message: "Cannot read the item".
Sometimes, I can see an error message:
SaveEmail - System.Runtime.InteropServices.COMException (0x8007000):
Error in StgCreateDocFile: 0x8007000 at
Redemption.IRDOMail.SaveAs(String Path, Object Type) at
XYZNameSpace.Email.SaveEmail(...)
Here the code that save the mail to the share:
// Save the mail in a temp local file first
mailItem.SaveAs(temppath, Outlook.OlSaveAsType.olMSG);
(... some processing ...)
// Reload the mail
RDOMail rm = rdoSession.GetMessageFromMsgFile(temppath);
// Save it again on a share
rm.SaveAs(filePathName, Outlook.OlSaveAsType.olMSG);
Note 1 : I don't know why the mail is first saved locally!
Note 2 : It is using an older version of Redemption (2015).
Note 3 : The size of the message doesn't seem important. However, they are
usually between 2 and 15 MB.
Many thanks in advance.
IStorage API does not really like remote drives - there is no way for the storage sharing features to work.
Opening and saving the message the second time really does not make much sense - why not simply copy the MSG file using the file system API?
The command-line EventCreate.exe tool registers a user-defined event source in the Registry for the Windows Event Log Viewer to use, like this:
eventcreate /t INFORMATION /ID 100 /L "Application" /SO [SourceName] /D "Description"
I wrote an app that has its own Event Log resource strings and is registered as an event source, per MSDN, but it doesn't use the CustomSource value and works fine.
I can't find any documentation on MSDN, or elsewhere online, on what CustomSource is meant for exactly. None of the registered sources on my machines use it.
Does anyone know what CustomSource is meant for, and how it works? Is it just something internal to EventCreate.exe, or does the Windows Event Log actually use it for something?
Thanks to #RbMm for pointing out this blog article:
EventCreate and "ERROR: Source parameter is used to identify custom applications/scripts only"
For whatever reason, EventCreate was designed only to log events that are associated with event log sources that EventCreate created. It does this by adding a REG_DWORD value called CustomSource in the source's registry key when it creates a new source, and checking for that value for a source that already exists. So in the above example, if the "MyStuff" source didn't already exist in the Application log, the above command would have created it and configured its key with a CustomSource value. Subsequent calls to EventCreate with the same source would succeed after verifying the existence of the CustomSource value. If, however, the "MyStuff" source had been created through another mechanism that didn't create a CustomSource flag, such as with the PowerShell New-EventLog cmdlet, then you'd get the error message. If you create a CustomSource value in an event source's key, then EventCreate will work with that source.
I'm trying to solve a problem where an xml file gets modified.
I want to determine which process and user is modifying this file.
I was thinking of more like using Powershell to subscribe to a file modified event. Once that event occurs, it triggers some code which outputs the details about the file modification (time, user, process etc.) to an output file.
I tried using the FileSystemWatcher, but it doesn't return required info about the user/process which modified the file so that wasn't sufficient for me.
Does there exist such an event class which I could subscribe to which will trigger an event when the file gets modified and also return which user or process modified the file and when.
If nothing works, the last resort is using the Windows Security Audit Logs which generates events when the file was modified and I can use powershell to parse them.
Thank you!
I have a map on computer A shared and enabeled for auditing.
indeed when I trow a file in this map I notice the event 4663 id..
However when I do this from another Pc to the same shared map nothing shows up in the event viewer.
I know this question is a little old but posting anyway.
I had the same issue and solved it by enabling additional Policy 'File Share' to 'Success'. You should get Event Id 4663 as desired after this is applied to File Server.
Set this to [Success]: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Object Access: File Share
Crystal Reports 11 (craxdrt.dll 11.5.7.1048)
Windows 7
I'm using Crystal Reports to export to a PDF document, using CRYSTALCRAXDRT::IReport::Export, and am getting an error, Windows 7 only.
"There is no email program associated to perform the requested action. Please install an email program or, if one is already installed, create an association in the Default Programs control panel."
Again, I'm not trying to send email, just create a document.
I've put forth a little debugging effort into this, and what seems to be happening is this:
I call into craxdrt.dll via the IReport interface, function Export(...), and then, monitoring with procmon, I find that there are several hundred registry queries for default mailer, contacts, etc.
It would seem that craxdrt.dll is building a large-ish data structure ahead of the task with whatever info it might need for a family of functions.
There's an error posted when the program can't find a default email client
Problems with this:
Windows 7 does not ship with a default email client, and early investigation seems to indicate that installing one does not necessarily ameliorate the problem. In any case, I do not expect all of our clients to have one installed, nor do our clients expect to have one installed by us.
Absent the actual need for an email client (i.e., in the above case), we're still getting this error message pop-up.
Note:
Interestingly, this doesn't actually prevent the user from pressing the export button again, and in fact if the user does this, the error does not show up, as the registry queries are apparently done only once per load or use of craxdrt.dll.
I think you are missing setting the ExportOptions before exporting:
Dim crxReport As Report
Set crxReport = Prepare()
crxReport.ExportOptions.FormatType = crEFTPortableDocFormat
crxReport.ExportOptions.DestinationType = crEDTDiskFile
crxReport.ExportOptions.DiskFileName = "C:\temp\Report.PDF"
crxReport.Export (False)